> Another option, which would require a minor patch to the kernel, would be > to have ECN default to disabled even when compiled into the kernel (and > thus require an explit 'echo 1 >/proc/sys/net/ipv4/tcp_ecn' to enable). > This'd be analagous to the current behaviour with IP forwarding. Eduard Bloch suggested this on 9/2, though it took me a while to understand what he meant:
Good. The problem - it is on by default in our precompiled kernel-image packages. To disable (by default), you have to remove ECN support from kernel or either patch the kernel to make int off-as-default (*) or put in in the template of sysctl.conf. (*) I doubt Herbert Xu would like such modifications. And Herbert replied on 9/3: 2. The kernel will not be patched to disable it by default with INET_ECN compiled in as the same thing can be easily achieved from user space. It could be a nice solution that would satisfy my insane desire that enabling ECN should be a one-step process - either in kernel configuration or by manually editing sysctl.conf. -neil